ClawHub

Telegram Media

Security checks across malware telemetry and agentic risk

Overview

This skill matches its Telegram media purpose, but it can send local files or generated voice content through your credentials to a hardcoded Telegram chat unless carefully reconfigured.

Review before installing. Set TELEGRAM_CHAT_ID to your own destination, remove the hardcoded fallback, inspect the ~/clawd helper scripts, and require explicit confirmation of every recipient, file path, and text payload. Do not use it to send secrets, credentials, internal documents, or sensitive user content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (11)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill is explicitly designed to transmit files, generated charts, and synthesized voice content to third-party services (Telegram and ElevenLabs) without any user-facing consent, warning, or data-classification guardrails. In an agent setting, this creates a real risk of unintended disclosure of sensitive local files, analysis output, or user-provided text to external providers.

External Transmission

Medium
Category
Data Exfiltration
Content
API_KEY = os.getenv('ELEVEN_API_KEY') or os.getenv('ELEVENLABS_API_KEY')
VOICE_ID = os.getenv('ELEVEN_VOICE_ID', '1SM7GgM6IMuvQlz2BwM3')
text = '''TEXT_TO_SPEAK'''
r = requests.post(
    f'https://api.xi-labs.com/v1/text-to-speech/{VOICE_ID}',
    headers={'xi-api-key': API_KEY, 'Content-Type': 'application/json'},
    json={'text': text, 'model_id': 'eleven_multilingual_v2',
Confidence
94% confidence
Finding
requests.post( f'https://api.xi-labs.com/v1/text-to-speech/{VOICE_ID}', headers={'xi-api-key': API_KEY, 'Content-Type': 'application/json'}, json=

External Transmission

Medium
Category
Data Exfiltration
Content
TOKEN = os.getenv('TELEGRAM_TOKEN')
CHAT = os.getenv('TELEGRAM_CHAT_ID', '7887978276')
text = '''TEXT_TO_SPEAK'''
r = requests.post(
    f'https://api.xi-labs.com/v1/text-to-speech/{VOICE_ID}',
    headers={'xi-api-key': API_KEY, 'Content-Type': 'application/json'},
    json={'text': text, 'model_id': 'eleven_multilingual_v2',
Confidence
95% confidence
Finding
requests.post( f'https://api.xi-labs.com/v1/text-to-speech/{VOICE_ID}', headers={'xi-api-key': API_KEY, 'Content-Type': 'application/json'}, json=

External Transmission

Medium
Category
Data Exfiltration
Content
TOKEN = os.getenv('TELEGRAM_TOKEN')
CHAT = os.getenv('TELEGRAM_CHAT_ID', '7887978276')
with open('PHOTO_PATH', 'rb') as f:
    r = requests.post(f'https://api.telegram.org/bot{TOKEN}/sendPhoto',
        data={'chat_id': CHAT, 'caption': 'CAPTION_HERE'},
        files={'photo': f}, timeout=30)
print(r.json())
Confidence
96% confidence
Finding
https://api.telegram.org/

External Transmission

Medium
Category
Data Exfiltration
Content
TOKEN = os.getenv('TELEGRAM_TOKEN')
CHAT = os.getenv('TELEGRAM_CHAT_ID', '7887978276')
with open('FILE_PATH', 'rb') as f:
    r = requests.post(f'https://api.telegram.org/bot{TOKEN}/sendDocument',
        data={'chat_id': CHAT, 'caption': 'CAPTION_HERE'},
        files={'document': f}, timeout=30)
print(r.json())
Confidence
98% confidence
Finding
https://api.telegram.org/

External Transmission

Medium
Category
Data Exfiltration
Content
TOKEN = os.getenv('TELEGRAM_TOKEN')
CHAT = os.getenv('TELEGRAM_CHAT_ID', '7887978276')
with open('charts/chart_btc.png', 'rb') as f:
    r = requests.post(f'https://api.telegram.org/bot{TOKEN}/sendPhoto',
        data={'chat_id': CHAT, 'caption': 'BTC — Daily TA Chart'},
        files={'photo': f}, timeout=30)
print(r.json())
Confidence
90% confidence
Finding
https://api.telegram.org/

External Transmission

Medium
Category
Data Exfiltration
Content
for chart in sorted(glob.glob('charts/chart_*.png')):
    name = os.path.basename(chart).replace('chart_', '').replace('.png', '').upper()
    with open(chart, 'rb') as f:
        r = requests.post(f'https://api.telegram.org/bot{TOKEN}/sendPhoto',
            data={'chat_id': CHAT, 'caption': f'{name} — Daily TA Chart'},
            files={'photo': f}, timeout=30)
    print(f'Sent {name}: {r.status_code}')
Confidence
92% confidence
Finding
https://api.telegram.org/

External Transmission

Medium
Category
Data Exfiltration
Content
VOICE_ID = os.getenv('ELEVEN_VOICE_ID', '1SM7GgM6IMuvQlz2BwM3')
text = '''TEXT_TO_SPEAK'''
r = requests.post(
    f'https://api.xi-labs.com/v1/text-to-speech/{VOICE_ID}',
    headers={'xi-api-key': API_KEY, 'Content-Type': 'application/json'},
    json={'text': text, 'model_id': 'eleven_multilingual_v2',
          'voice_settings': {'stability': 0.5, 'similarity_boost': 0.75}},
Confidence
94% confidence
Finding
https://api.xi-labs.com/

External Transmission

Medium
Category
Data Exfiltration
Content
TOKEN = os.getenv('TELEGRAM_TOKEN')
CHAT = os.getenv('TELEGRAM_CHAT_ID', '7887978276')
with open('/tmp/frank_voice.mp3', 'rb') as f:
    r = requests.post(f'https://api.telegram.org/bot{TOKEN}/sendVoice',
        data={'chat_id': CHAT, 'caption': 'Voice note from Frank'},
        files={'voice': f}, timeout=30)
print(r.json())
Confidence
93% confidence
Finding
https://api.telegram.org/

External Transmission

Medium
Category
Data Exfiltration
Content
CHAT = os.getenv('TELEGRAM_CHAT_ID', '7887978276')
text = '''TEXT_TO_SPEAK'''
r = requests.post(
    f'https://api.xi-labs.com/v1/text-to-speech/{VOICE_ID}',
    headers={'xi-api-key': API_KEY, 'Content-Type': 'application/json'},
    json={'text': text, 'model_id': 'eleven_multilingual_v2',
          'voice_settings': {'stability': 0.5, 'similarity_boost': 0.75}},
Confidence
95% confidence
Finding
https://api.xi-labs.com/

External Transmission

Medium
Category
Data Exfiltration
Content
f.write(r.content)
    import time; time.sleep(0.5)
    with open('/tmp/frank_voice.mp3', 'rb') as f:
        r2 = requests.post(f'https://api.telegram.org/bot{TOKEN}/sendVoice',
            data={'chat_id': CHAT},
            files={'voice': f}, timeout=30)
    print(f'Voice sent: {r2.status_code}')
Confidence
94% confidence
Finding
https://api.telegram.org/

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal